Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 20 Oct 17 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story OSS and Sharing Leftovers Roy Schestowitz 18/10/2017 - 11:08pm
Story CMS: Mass.gov Moves to Drupal, Voyager 1.0 is Out Roy Schestowitz 18/10/2017 - 11:06pm
Story Chrome and Mozilla Roy Schestowitz 18/10/2017 - 11:03pm
Story FUD and Openwashing Roy Schestowitz 18/10/2017 - 11:01pm
Story Microsoft never disclosed 2013 hack of secret vulnerability database Roy Schestowitz 18/10/2017 - 10:44pm
Story Games Leftovers Roy Schestowitz 18/10/2017 - 10:01pm
Story Plasma 5.11 – Keep the momentum going Roy Schestowitz 18/10/2017 - 9:57pm
Story Today in Techrights Roy Schestowitz 18/10/2017 - 7:07pm
Story Android Leftovers Rianne Schestowitz 18/10/2017 - 6:55pm
Story Canonical CEO Mark Shuttleworth: IoT, Ubuntu and the yogurt of the future Rianne Schestowitz 18/10/2017 - 6:46pm

Desktop: HP, TERES-I, and Munich (LiMux)

Filed under
GNU
Linux
  • HP Rolls Out The First "Raven Ridge" Zen+Vega APU Notebook

    AMD has announced the world's first "Raven Ridge" APU with this notebook being powered by Ryzen 5 CPU cores paired with Vega graphics.

    [...]

    The Raven Ridge testing has been up and coming already within the AMDGPU code the past few cycles: Raven Ridge does require AMDGPU DC support so you'll be looking for a Linux 4.15+ based kernel.

  • TERES-I DIY ARM 64-Bit Linux Laptop Released For 240 EUR

    The TERES-I has been released as a do-it-yourself ARM 64-bit Linux laptop. The price isn't bad, but it's also not targeted as being a high-end/performance-oriented laptop.

    The TERES-I is designed around an Allwinner A64 SoC with quad-core Cortex-A53 processor. This laptop has an 11.6-inch 1366x768 laptop, 2GB DDR3L system memory, 16GB eMMC flash memory, WiFi/Bluetooth, HDMI, dual USB, and a 9500mAh laptop. The laptop weighs 980 grams.

  • Munich takes further steps to ditch Linux and go back to Windows

    The City Council was forced in an article entitled ‘Penguin, Adieu!' to admit to the German Federation of Taxpayers that things weren't going to work out.

  • Linux faces a Munich crisis [Ed: It's not a "Munich crisis" but Microsoft corruption]

Security: Equifax, Grafeas, Updates and Open Source Security Podcast

Filed under
Security

Conservancy Applauds Linux Community's Promotion of Principled Copyleft Enforcement

Filed under
GNU
Legal

Software Freedom Conservancy congratulates the Linux community for taking steps today to promote principled, community-minded copyleft enforcement by publishing the Linux Kernel Enforcement Statement. The Statement includes an additional permission under Linux's license, the GNU General Public License (GPL) version 2 (GPLv2). The additional permission, to which copyright holders may voluntarily opt-in, changes the license of their copyrights to allow reliance on the copyright license termination provisions from the GNU General Public License version 3 (GPLv3) for some cases 1.

Conservancy also commends the Linux community's Statement for reaffirming that legal action should be last resort for resolving a GPL violation, and for inviting noncompliant companies who work their way back into compliance to become active participants in the community. By bringing clarity to GPLv2 enforcement efforts, companies can adopt software with the assurance that these parties will work in a reasonable, community-centric way to resolve compliance issues.

Read more

DragonFly BSD 5.0 Operating System Debuts Next-Generation HAMMER2 File System

Filed under
BSD

More than six months after the release of the 4.8 series, the BSD-derived DragonFly BSD operating system has been updated today to version 5.0, a major new stable series that introduces new features and numerous improvements.

Read more

also: DragonFlyBSD 5.0 Released With Initial HAMMER2 Support, Support For 900k+ Processes

LinuxAndUbuntu Review Of BunsenLabs Linux

Filed under
Linux
Reviews
Ubuntu

Once upon a time there was Crunchbang Linux, and then it was no more, and then the community brought it back to life in another form known as BunsenLabs Linux. This distribution offers a lightweight and easily customizable Openbox desktop.

Read more

Linux Kernel Community Enforcement Statement FAQ

Filed under
Linux

Based on the recent Linux Kernel Community Enforcement Statement and the article describing the background and what it means , here are some Questions/Answers to help clear things up. These are based on questions that came up when the statement was discussed among the initial round of over 200 different kernel developers.

Read more

Raspberry Pi: Adding an SSD drive to the Pi-Desktop kit

Filed under
Linux

In my previous post, I wrote about assembling and using the Farnell element 14 Pi-Desktop kit. I limited that post to the basic installation, configuration and use of the Pi-Desktop enclosure itself. Now I am going to look at one of the optional expansion possibilities of that kit, adding an mSATA SSD (Solid State Disk).

The first thing to consider, though, is why you would want to do this. There are three obvious reasons:

Read more

KDE: KDE Frameworks 5.39.0, New Kubuntu ISOs, Krita Interview

Filed under
KDE
  • Release of KDE Frameworks 5.39.0

    KDE Frameworks are 70 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. For an introduction see the Frameworks 5.0 release announcement.

  • KDE Frameworks 5.39 Brings KWayland, Kirigami Updates

    KDE Frameworks 5.39.0 was released this weekend as the latest complementary add-ons/libraries to Qt.

  • Updated Kubuntu 17.10 RC ISOs now available

    Following on from yesterday’s 1st spin of the 17.10 RC images by the ubuntu release team, today the RC images (marked Artful Final on the QA tracker) have been re-spun and updated.

    Please update your ISOs if you downloaded previous images, and test as before.

    Please help us by testing as much as you have time for. Remember, in particular we need i386 testers, on “bare metal” rather than VMs if possible.

  • Interview with Cillian Clifford

    I consider digital painting to be one of my weakest areas of art skills, so I spend a lot of time trying to improve it. Other areas of digital art I’m interested in include CAD, 3d modeling, digital sculpting, vector animation, and pixel art.

Games: Football Manager, Ravenfield, Dying Light, Tower of Time, Immortal Redneck, Let Them Come, DwarfCorp

Filed under
Gaming

Renesas taps new 10-year SLTS kernel from the Civil Infrastructure Platform

Filed under
Linux

Renesas upgraded the Linux stack for its RZ/G SoCs to use CIP’s 10-year SLTS kernel. Meanwhile, the standard LTS kernel will expand from 2 to 6 years.

The Linux Foundation launched the Civil Infrastructure Platform (CIP) project a year ago with the intention of developing base layer, open source industrial-grade software starting with a 10-year Super Long-Term Support (SLTS) kernel. The SLTS kernel is now ready to go, and is being incorporated by Renesas in its RZ/G Linux Platform stack for its ARM-based RZ/G system-on-chips.

Read more

today's howtos and leftovers

Filed under
Misc
HowTos
  • 26 DNF Command Examples for Package Management (rpm) on Fedora Linux
  • Fixing vim in Debian
  • OxygenOS Android 8.0 Oreo Open Beta Available For OnePlus 3/3T, Here’s How To Set It Up
  • How to Create Hard and Symbolic Links in Linux
  • KDE Plasma 5.11, Humble Bundle Acquisition, elementary OS & Snappy | This Week in Linux Ep.9

    Coming up on This Week in Linux. We take a look at some browser releases and a new crowdfunding project for socializing the command line.

  • Red Hat software and services land on Alibaba Cloud

    With that in mind, Alibaba Cloud, which is the cloud computing arm of eCommerce giant Alibaba Group Holding Ltd., said today that it’s partnering with the open-source software company Red Hat Inc. The alliance sees Alibaba Cloud join the Red Hat Certified Cloud and Service Provider program, which makes it possible for it to offer a range of popular Red Hat products to its customers. These will include the company’s flagship Red Hat Enterprise Linux platform, which will soon be made available via a pay-as-you-go pricing model in the Alibaba Cloud Marketplace.

  • Free software log (September 2017)

    I said that I was going to start writing these regularly, so I'm going to stick to it, even when the results are rather underwhelming. One of the goals is to make the time for more free software work, and I do better at doing things that I record.

    The only piece of free software work for September was that I made rra-c-util compile cleanly with the Clang static analyzer. This was fairly tedious work that mostly involved unconfusing the compiler or converting (semi-intentional) crashes into explicit asserts, but it unblocks using the Clang static analyzer as part of the automated test suite of my other projects that are downstream of rra-c-util.

    One of the semantic changes I made was that the vector utilities in rra-c-util (which maintain a resizable array of strings) now always allocate room for at least one string pointer. This wastes a small amount of memory for empty vectors that are never used, but ensures that the strings struct member is always valid. This isn't, strictly speaking, a correctness fix, since all the checks were correct, but after some thought, I decided that humans might have the same problem that the static analyzer had. It's a lot easier to reason about a field that's never NULL. Similarly, the replacement function for a missing reallocarray now does an allocation of size 1 if given a size of 0, just to avoid edge case behavior. (I'm sure the behavior of a realloc with size 0 is defined somewhere in the C standard, but if I have to look it up, I'd rather not make a human reason about it.)

  • Free Software Efforts (2017W41)

    The issue that was preventing the migration of the Tasktools Packaging Team’s mailing list from Alioth to Savannah has now been resolved.

    Ana’s chkservice package that I sponsored last week has been ACCEPTED into unstable and since MIGRATED to testing.

  • How to define a metrics strategy for your community

    Data sets are everywhere, and because open source communities produce plenty of information in addition to source code, most community infrastructures require tools to support the software development process. Examples include bug-reporting systems such as Jira and Bugzilla, versioning systems such as Git, and code review tools like Gerrit. Although communication also takes place through these tools, most is done through mailing lists, IRC, supporting systems like Discourse, and even Twitter and other social channels (especially for marketing and announcements). In fact, most open source communities utilize at least five or ten tools, if not more.

  • Opensource.com Lightning Talks at All Things Open 2017

    Join the Opensource.com community for a set of amazing lightning talks you won't want to miss during the All Things Open conference in Raleigh, NC. Speakers have five minutes to enlighten the audience about an open source topic they are passionate about. We've got everything from DevOps and Kubernetes, to wearables, cloud, and more. Grab your lunch, find a seat, warm up your Twitter fingers, and get ready for the fastest hour at All Things Open 2017. Share your favorite thoughts using hashtage #ATO2017.

  • LibreOffice: SharePoint integration. A year of progress
  • 4 website maintenance mistakes to avoid

    Maintenance is a good idea for every website, but it's a requirement for websites using open source code. The upside of open source is that everyone can participate. The downside is that means keeping up with everyone's changes. Code gets patched, which causes other code to stop working and need patches in turn. Exploits are found and then blocked. Fancy new features are developed, and your users want them. All of this means you need to keep up! The most important weapon to combat these forces is maintenance. Maintenance is a simple process, but there are basic mistakes that many people make at least once. Avoid these and you'll be well on your way to a safer, cleaner website that isn't a huge pain to keep running.

    [...]

    Even if you could do better, are you being paid to rewrite something that's already mostly working? If you're frustrated enough to take it on as a hobby project, is that what you want to spend your weekend on? GitHub is chock full of not-all-that-unique content management systems (CMSes) and static site builders. Most of them are abandoned, clones of more popular systems, or both. Don't be yet another one.

  • ​Windows Subsystem for Linux graduates in Windows 10 Fall Creators Update
  • Open-source mapping being used to help first responders in Puerto Rico

    Satellite images of rural towns, sprawling woodlands and grooved mountainsides fill the computer screens as homeowners and students scroll across digital maps.

    This group of a few dozen people gathered on Friday at the Perry Castenada Library on the University of Texas at Austin campus for a four-hour disaster relief mapathon to bolster humanitarian efforts in Puerto Rico, where 91 percent of the island is still without electricity, and Mexico, which was ravaged by a 6.1 earthquake.

  • Kotlin Programming Language Will Surpass Java On Android Next Year

    At Google I/O 2017, Google announced the newly added support for Kotlin programming language in Android, along with the existing languages Java and C++. As per the experts, Kotlin came as a breath of fresh air in Android development ecosystem to make “Android development faster and more fun. But, what about the numbers? How many developers are making a shift to Kotlin? Let’s find out.

  • Progress Being Made On New "WebGPU" Web Graphics API

    There continues to be progress made on the new Apple/W3C backed web graphics API dubbed "WebGPU" that has the backing of major stakeholders.

    Separate from the work being done by The Khronos Group on "WebGL-Next" there is the "WebGPU" initiative being organized by the W3C.

Security Leftovers

Filed under
Security
  • Outlook, Office 2007 slowly taken behind the shed, shots heard

    A decade after their release, Microsoft Office 2007 and Outlook 2007 today fell out of extended support. Gaze teary-eyed at your installation discs. The software has entered the Long Dark Tea-Time of the Soul.

    The cutoff has been coming for some time, of course, but if you're of a nostalgic bent, the Outlook 2007 epitaph is here, and the somewhat longer (with more dates to absorb) Office 2007 farewell is here.

    With extended support ending for both 2007-era families, no new features, bug fixes, security patches, nor support, will be available in future for the programs.

  • Researchers Reveal Critical KRACK Flaws in WPA WiFi Security

    The WPA2 protocol which is widely used to secure WiFi traffic is at risk from multiple vulnerabilities, collectively referred to as "KRACK Attacks" that were publicly disclosed on Oct. 16

    "Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted," the vulnerability disclosure warns."The attack works against all modern protected Wi-Fi networks."

    KRACK is an acronym for Key Reinstallation Attacks, which were discovered by security research Mathy Vanhoef and Frank Piessens working at Belgian University KU Leuven. The researchers have disclosed the details of the KRACK attack in a research paper and plan on discussing it further in talks at the Computer and Communications Security (CCS) and Black Hat Europe conferences later this year.

  • The World Once Laughed at North Korean Cyberpower. No More.

Ubuntu GNOME Shell in Artful: Day 15

Filed under
GNOME
Ubuntu

Most of you would have noticed already, but most of GNOME modules have been updated to their 3.26.1 release. This means that Ubuntu 17.10 users will be able to enjoy the latest and greatest from the GNOME project. It’s been fun to follow again the latest development release, report bugs, catch up regressions and following new features.

GNOME 3.26.1 introduces in addition to many bug fixes, improvements, documentation and translation, updates resizeable tiling support, which is a great feature that many people will surely take advantage of! Here is the video that Georges has done and blogged about while developing the feature for those who didn’t have a look yet:

Read more

Wi-Fi WPA2 Encryption Problem (and Hype About That)

Filed under
Security
  • Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

    An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points.

  • WiFi Security Is Borked - We're All Screwed... Maybe

    KRACK - or the Key Reinstallation AttaCK - looks like the new infosec word we all need to know. According to the authors of a paper that will be presented at conference in a couple of weeks, Mathy Vanhoef of KU Leuven and Frank Piessens say they have found a way to circumvent WPA2 security - one of the key tools used for protecting wireless networks. If KRACk proves to be true, all bets are off when it comes to stopping eavesdroppers from listening in to your wireless network.

  • Your Wifi router could be hiding a scary vulnerability

    Anybody that has a WiFi router might want to be sure to have their login details close at hand throughout the course of today.

    That’s because later today security researcher Mathy Vanhoef will reveal a potentially disastrous vulnerability in the WPA2 protocol.

    The Wifi Protected Access protocol appears to have been cracked by Vanhoef according to Gizmodo which took a look at the source code of the researcher’s website Krack Attacks and found this throw forward.

  • Wi-Fi WPA2 encryption possibly cracked

    Just to add on to your Monday morning blues, WPA2 (Wi-Fi Protected Access Version 2) which is the de-facto encryption method used by the majority of Wi-Fi routers is rumored to have been cracked.

Linus Torvalds lauds fuzzing for improving Linux security

Filed under
Linux
Security

Linus Torvalds release notification for Linux 4.14's fifth release candidate contains an interesting aside: the Linux Lord says fuzzing is making a big difference to the open source operating system.

Torvalds' announcement says Linux kernel 4.14 is coming along nicely, with this week's release candidate pleasingly small and “fairly normal in a release that has up until now felt a bit messier than it perhaps should have been.”

This week's most prominent changes concern “... more fixes for the whole new x86 TLB [translation lookaside buffer – Ed] handling due to the ASID [address space ID - Ed] changes that came in this release.”

Read more

Software: psdash, Tilix, Oceanaudio

Filed under
Software
  • psdash – System And Process Monitoring Web Dashboard For Linux

    psdash is a system monitoring and information web dashboard for Linux written in python using psutils and flask. The GUI is pretty much straight forward and clean. All the data is updated automatically, no need to refresh.

    psutils (process and system utilities) is a cross-platform library for retrieving information on running processes and system utilization (CPU, memory, disks, network, sensors) in Python.

  • Tiling Terminal Emulator Tilix 1.7.0 Released with Minor Improvements

    Tilix, the modern tiling terminal emulator for Linux desktops, scored an update at the weekend.

    Although a modest release, Tilix 1.7.0 brings some timely bug fixes and feature improvements to the app formerly known as Terminix.

    This includes support for using tabs instead of a sidebar, a feature Tilix dev Gerald Nunn says was a frequent user request.

    There’s also preliminary Flatpak support, though there’s no specific information on how to text or make use of the Tilix Flatpak. It’d be great to see the app added to the (awesome) Flathub Flatpak app store.

  • Oceanaudio An Audio Editor For Linux

    Audios are an integral part of life. Playing our best songs, having a party or a special function, we require audio everywhere. That is why audio editors are there too to help us make the best of an audio file. When I say audio editor, many of you will just think of audacity. Sure that is a pretty cool software but I think it’s a bit complicated for the inexperienced one.

Linux 4.14-rc5 Released

Filed under
Linux

Linus Torvalds has just issued the Linux 4.14-rc5 kernel update.

With this release out today, we're three to four weeks out from seeing the official Linux 4.14 kernel release. Linux 4.14 has overall been a big cycle with the possibility of going up to a Linux 4.14-rc8 test release prior to declaring the stable release, but we'll have to see Torvalds' reactions in the weeks ahead.

Read more

Security: MalwareTech, JavaScript, Vista 10, TPM2, Intel Back Door, Linux Bug, Pizza Hut Breach, Telcos Spying

Filed under
Security
  • Let MalwareTech Surf! Status Report
  • 500 million PCs are being used for stealth cryptocurrency mining online

    A month or so ago, torrent search website The Pirate Bay raised concern among the community as visitors noticed their CPU usage surged whenever a page was opened.

  • Dutch slam Windows 10 for breaking privacy laws

    Dutch authorities claim Microsoft’s Windows 10 operating system is violating data protection and privacy laws, and warned they may impose fines on the US technology giant.

    “Microsoft breaches the Dutch data protection law by processing personal data of people that use the Windows 10 operating system on their computers,” the Dutch Data Protection Authority (DPA) said in a statement late Friday.

    The company fails to “clearly inform” users of Windows 10 that it “continuously collects personal data about the usage of apps and web surfing behavior through its web browser Edge, when the default settings are used,” the DPA said.

  • Using Elliptic Curve Cryptography with TPM2

    One of the most significant advances going from TPM1.2 to TPM2 was the addition of algorithm agility: The ability of TPM2 to work with arbitrary symmetric and asymmetric encryption schemes. In practice, in spite of this much vaunted agile encryption capability, most actual TPM2 chips I’ve seen only support a small number of asymmetric encryption schemes, usually RSA2048 and a couple of Elliptic Curves. However, the ability to support any Elliptic Curve at all is a step up from TPM1.2. This blog post will detail how elliptic curve schemes can be integrated into existing cryptographic systems using TPM2. However, before we start on the practice, we need at least a tiny swing through the theory of Elliptic Curves.

  • Sakaki's EFI Install Guide/Disabling the Intel Management Engine

    The Intel Management Engine ('IME' or 'ME') is an out-of-band co-processor integrated in all post-2006 Intel-CPU-based PCs. It has full network and memory access and runs proprietary, signed, closed-source software at ring -3,[1][2][3][4] independently of the BIOS, main CPU and platform operating system[5][6] — a fact which many regard as an unacceptable security risk (particularly given that at least one remotely exploitable security hole has already been reported[7][8]).

  • Linux vulnerable to privilege escalation

    An advisory from Cisco issued last Friday, October 13th, gave us the heads-up on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA).

    The bug is designated CVE-2017-15265, but its Mitre entry was still marked “reserved” at the time of writing. Cisco, however, had this to say about it before release:

  • Pizza Hut was hacked, company says

    According to a customer notice emailed from the pizza chain, those who placed an order on its website or mobile app between the morning of Oct. 1 and midday Oct. 2 might have had their information exposed.

    The “temporary security intrusion” lasted for about 28 hours, the notice said, and it’s believed that names, billing ZIP codes, delivery addresses, email addresses and payment card information — meaning account number, expiration date and CVV number — were compromised.

  • Want to see something crazy? Open this link on your phone with WiFi turned off

    These services are using your mobile phone’s IP address to look up your phone number, your billing information and possibly your phone’s current location as provided by cell phone towers (no GPS or phone location services required). These services are doing this with the assistance of the telco providers.

  • Telcos "selling realtime ability to associate web browsing with name & address"
Syndicate content

More in Tux Machines

Smartphone Waste and Tizen News

15 Things To Do After Installing Ubuntu 17.10 "Artful Aardvark"

​The New Ubuntu 17.10 "Artful Aardvark" launch with GNOME3 has brought a big change and got a lot of people excited to try it as soon as they can. If you don't know yet the new stuff in Ubuntu 17.10, read the article we published today. Read
more

Anarchy Linux Dispels Fear of Arch

Arch-Anywhere/Anarchy Linux is one of the nicest Arch-based distributions I have encountered. However, Anarchy Linux still requires familiarity with terminology and processes that usually are not needed to install Linux distros from a fully-functioning live session installation disk. Not having a demo mode to preview how the OS runs on your particular hardware can be a time-consuming setback. However, once you have Anarchy Linux up and running, it will give you a very pleasing computing experience. Much of what happens after installation depends on the desktop environment you selected. If you have a desktop preference or prefer one of the included window manager environments instead, you can forget about the sullied reputation that comes with Arch Linux distros. For many reasons, Anarchy Linux is a winning choice. Read more

Intel Graphics Performance: Ubuntu 17.04 vs. 17.10

Given the Ubuntu 17.10 release this week and its massive desktop changes from GNOME Wayland to Mesa/kernel upgrades, we've been busy benchmarking this new Ubuntu OS release. Complementing the Radeon Ubuntu 17.04 vs. 17.10 gaming comparison are now some OpenGL/Vulkan benchmarks when using Intel Kabylake graphics hardware on Ubuntu 17.04, 17.10 with X.Org and Wayland, and the performance if upgrading against Linux/Mesa Git. Read more